- name: Uninstall IPA client
  hosts: bodhi_backend_stg:bugzilla2fedmsg_stg:github2fedmsg_stg:ipsilon_stg:mbs_stg:osbs_control_stg:osbs_masters_stg:osbs_nodes_stg:osbs_aarch64_masters_stg:osbs_aarch64_nodes_stg:buildvm_stg:buildvm_ppc64le_stg:buildvm_aarch64_stg:buildvm_armv7_stg:buildvm_s390x_stg
  user: root
  vars_files:
  - /srv/web/infra/ansible/vars/global.yml
  - /srv/private/ansible/vars.yml
  - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  tasks:
  - name: Uninstall IPA client
    command: ipa-client-install --uninstall --unattended
    ignore_errors: yes

- import_playbook: "/srv/web/infra/ansible/playbooks/groups/bodhi-backend.yml"
- import_playbook: "/srv/web/infra/ansible/playbooks/groups/bugzilla2fedmsg.yml"
- import_playbook: "/srv/web/infra/ansible/playbooks/groups/github2fedmsg.yml"
- import_playbook: "/srv/web/infra/ansible/playbooks/groups/ipsilon.yml"
- import_playbook: "/srv/web/infra/ansible/playbooks/groups/mbs.yml"
- import_playbook: "/srv/web/infra/ansible/playbooks/groups/osbs/deploy-cluster.yml"
- import_playbook: "/srv/web/infra/ansible/playbooks/groups/buildvm.yml"


- name: Remove keytab in OpenShift
  hosts: os_master_stg[0]
  user: root
  vars_files:
  - /srv/web/infra/ansible/vars/global.yml
  - /srv/private/ansible/vars.yml
  - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  vars:
  - keytabs:
    - app: elections
      key: service.keytab
      secret_name: elections-keytab
    - app: fasjson
      key: http
      secret_name: fasjson-keytab-http
    - app: ipsilon
      key: service.keytab
      secret_name: ipsilon-keytab
    - app: bodhi
      key: koji-keytab
      secret_name: bodhi-keytab
    - app: coreos-koji-tagger
      key: koji-keytab
      secret_name: coreos-koji-tagger-keytab
    - app: koschei
      secret_name: keytab
      key: krb5.keytab
    - app: message-tagging-service
      secret_name: keytab
      key: krb5.keytab
    - app: monitor-gating
      key: monitor-gating-keytab
      secret_name: monitor-gating-keytab
    - app: simple-koji-ci
      key: simple-koji-ci-keytab
      secret_name: simple-koji-ci-keytab
    - app: sso
      key: sso-keytab
      secret_name: sso-keytab
    - app: the-new-hotness
      key: koji-keytab
      secret_name: the-new-hotness-keytab

  tasks:
  - name: Remove keytab
    file:
      path: "/etc/openshift_apps/{{item.app}}/{{item.key}}.kt"
      state: absent
    loop: "{{keytabs}}"

  - name: Remove keytab secret
    command: oc -n {{item.app}} delete secret {{item.secret_name}}
    register: delete_out
    failed_when: "delete_out.rc != 0 and 'NotFound' not in delete_out.stderr"
    changed_when: "delete_out.rc == 0 and 'secret \"{{item.secret_name}}\" deleted' in delete_out.stdout"
    loop: "{{keytabs}}"

- import_playbook: "/srv/web/infra/ansible/playbooks/openshift-apps/elections.yml"
- import_playbook: "/srv/web/infra/ansible/playbooks/openshift-apps/fasjson.yml"
- import_playbook: "/srv/web/infra/ansible/playbooks/openshift-apps/ipsilon.yml"
- import_playbook: "/srv/web/infra/ansible/playbooks/openshift-apps/bodhi.yml"
- import_playbook: "/srv/web/infra/ansible/playbooks/openshift-apps/coreos-koji-tagger.yml"
- import_playbook: "/srv/web/infra/ansible/playbooks/openshift-apps/koschei.yml"
- import_playbook: "/srv/web/infra/ansible/playbooks/openshift-apps/message-tagging-service.yml"
- import_playbook: "/srv/web/infra/ansible/playbooks/openshift-apps/monitor_gating.yml"
- import_playbook: "/srv/web/infra/ansible/playbooks/openshift-apps/sso.yml"
- import_playbook: "/srv/web/infra/ansible/playbooks/openshift-apps/the-new-hotness.yml"

# No keytab, but the CA cert needs to be updated
- import_playbook: "/srv/web/infra/ansible/playbooks/openshift-apps/noggin.yml"
- import_playbook: "/srv/web/infra/ansible/playbooks/openshift-apps/noggin-centos.yml"
